
Re: a problem of authentication fail in Ubuntu 10.04,slapd 2.4.21

On 04/01/11 19:30 +0800, cn_gd@126.com wrote:
> Hi all,
>
> I installed slapd following the steps below in Ubuntu 10.04 lucid strictly:
>
> 1. apt-get install slapd
>
> * slapd -V
> @(#) $OpenLDAP: slapd 2.4.21 (Aug 10 2010 17:08:36) $
>
> 2. dpkg-reconfigure slapd
>
> 3. edit /etc/ldap/slapd.d/cn\=config.ldif
>
> 4. cat /etc/ldap/slapd.d/cn\=config.ldif
>
> dn: cn=config
> objectClass: olcGlobal
> cn: config
> olcArgsFile: /var/run/slapd/slapd.args
> olcLogLevel: none
> olcPidFile: /var/run/slapd/slapd.pid
> structuralObjectClass: olcGlobal
>
> dn: olcDatabase=bdb,cn=config
> objectClass: olcDatabaseConfig
> objectClass: olcBdbConfig
> olcDatabase: bdb
> olcSuffix: "dc=cg,dc=scsio,dc=ac,dc=cn"
> olcDbDirectory:    /home/az/openldap-data
> olcRootDN: "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn"
> olcRootPW: secret
>
> 4. /etc/init.d/slapd restart
>
> All steps are OK, then I ran the below to test it:
>
> 5. ldapsearch -x -D "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn" -w "secret" -H ldap://cg.scsio.ac.cn
>
> and it shows this error:
> *ldap_bind: Invalid credentials (49)

You could increase your log level (olcLogLevel) to get trouble shooting

After having gone through this process myself recently (using slapd.d), and
not being happy with the Debian default config, here's the process I'm
using in a test environment for bootstrapping an install, which might spark
some ideas with your config.

My starting configuration is: http://web.olp.net/dwhite/openldap/slapd-new.conf

aptitude install slapd slapd-smbk5pwd

/etc/init.d/slapd stop
mv /etc/ldap/slapd.d /etc/ldap/slapd.d.bak
mv /var/lib/ldap /var/lib/ldap.bak
mkdir /etc/ldap/slapd.d /var/lib/ldap
chown openldap:openldap /etc/ldap/slapd.d /var/lib/ldap
cat > /etc/ldap/ldap.conf << EOF
BASE dc=example,dc=org
URI ldapi:///
EOF

echo "SASL_MECH EXTERNAL" > /root/.ldaprc

sudo -u openldap slapadd << EOF
dn: dc=example,dc=org
objectClass: top
objectClass: dcObject
objectClass: organization
o: Example
dc: example

dn: ou=People,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Groups

dn: ou=Aliases,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Aliases
EOF

sudo -u openldap slaptest -f /etc/ldap/slapd.conf -F /etc/ldap/slapd.d
/etc/init.d/slapd start

Dan White
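
An added example, not part of either poster's message: a small Python check over the cn=config LDIF from the question that flags a cleartext olcRootPW (slappasswd produces a hashed value with a {SCHEME} prefix), quote characters in olcSuffix or olcRootDN (LDIF values are literal, so the quotes become part of the value), and the low olcLogLevel that hides the bind details the reply suggests collecting. The function names and finding labels are hypothetical, and the sample LDIF is reconstructed from the post.

```python
import base64
import re

# Constructed sample: the relevant attributes of the config posted in the question.
SAMPLE_LDIF = """\
dn: cn=config
objectClass: olcGlobal
olcLogLevel: none

dn: olcDatabase=bdb,cn=config
objectClass: olcBdbConfig
olcSuffix: "dc=cg,dc=scsio,dc=ac,dc=cn"
olcRootDN: "cn=Manager,dc=cg,dc=scsio,dc=ac,dc=cn"
olcRootPW: secret
"""

def parse_entries(text):
    """Split LDIF into entries, unfolding continuation lines and decoding '::' values."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = []
        for raw in block.splitlines():
            if raw.startswith(" ") and lines:
                lines[-1] += raw[1:]          # folded line continues the previous one
            elif raw and not raw.startswith("#"):
                lines.append(raw)
        attrs = []
        for line in lines:
            name, _, value = line.partition(":")
            if value.startswith(":"):         # 'attr:: <base64>'
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            attrs.append((name.strip(), value.strip()))
        entries.append(attrs)
    return entries

def lint(text):
    """Return (dn, attribute, label) findings for the hypothetical checks above."""
    findings = []
    for attrs in parse_entries(text):
        dn = next((v for n, v in attrs if n.lower() == "dn"), "?")
        for name, value in attrs:
            key = name.lower()
            scheme = re.match(r"\{([A-Za-z0-9-]+)\}", value)
            if key in ("olcsuffix", "olcrootdn") and value[:1] == '"':
                findings.append((dn, name, "quoted-value"))
            elif key == "olcrootpw" and (not scheme or scheme.group(1).upper() == "CLEARTEXT"):
                findings.append((dn, name, "cleartext-password"))
            elif key == "olcloglevel" and value.lower() in ("none", "0"):
                findings.append((dn, name, "low-loglevel"))
    return findings
```

Calling `lint(SAMPLE_LDIF)` returns four findings for the posted config; a value such as `stats` for olcLogLevel and a slappasswd-generated olcRootPW clear two of them.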